
Signing the main tag/manifest? #104

@mathieu-benoit

Description


Today if we do this:

    uses: docker/github-builder/.github/workflows/build.yml@v1
    with:
      output: image
      push: true
      platforms: linux/amd64,linux/arm64
      sbom: true
      meta-images: |
        ghcr.io/my-org/my-image
      meta-tags: |
        latest

We are able to cosign verify the two manifests per platform linux/amd64 and linux/arm64 individually and explicitly.

But we are not able to do this:

    cosign verify \
      --certificate-oidc-issuer https://token.actions.githubusercontent.com \
      --certificate-identity-regexp ^https://github.com/docker/github-builder/.github/workflows/build.yml.*$ \
      ghcr.io/my-org/my-image:FIXME-WITH-LATEST-DIGEST

We'll get this error because there is no signature on the main tag/manifest:

    Error: no signatures found
    error during command execution: no signatures found

It's common practice to refer to the main tag/digest in a Dockerfile for base images and in Kubernetes manifests for final container images, letting the platform then pull the actual digest based on the arch/platform. In the meantime, admission controllers like Kyverno will check the signature on the main tag/digest.

Could we add the cosign signature on the main tag/digest too?
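The gap described in this issue comes from the fact that a multi-platform tag resolves to an OCI image index whose digest is different from the digests of the per-platform manifests it points to, so a signature on each platform manifest does not cover the digest that a tag-based pull (or a Kyverno image verification rule) actually resolves. The following is an added example, not code from docker/github-builder or cosign: it parses a constructed image index (sample digests are made up), computes the index's own digest, and lists which of the digests a signing step must cover are still unsigned given a set of already-signed digests. The deterministic JSON serialization is an assumption for repeatability; a real check must hash the exact bytes returned by the registry.

```python
import hashlib
import json

# Constructed sample of an OCI image index as a registry would serve it for a
# multi-platform tag such as ghcr.io/my-org/my-image:latest.
# The digests and sizes are made-up values, not real image data.
SAMPLE_INDEX = {
    "schemaVersion": 2,
    "mediaType": "application/vnd.oci.image.index.v1+json",
    "manifests": [
        {
            "mediaType": "application/vnd.oci.image.manifest.v1+json",
            "digest": "sha256:" + "11" * 32,
            "size": 1234,
            "platform": {"architecture": "amd64", "os": "linux"},
        },
        {
            "mediaType": "application/vnd.oci.image.manifest.v1+json",
            "digest": "sha256:" + "22" * 32,
            "size": 1234,
            "platform": {"architecture": "arm64", "os": "linux"},
        },
    ],
}


def canonical_bytes(index: dict) -> bytes:
    # Assumption for this example: serialize deterministically so the digest is
    # repeatable. Registries digest the exact bytes they store, so a real check
    # must hash the raw response body, not a re-serialized copy.
    return json.dumps(index, separators=(",", ":"), sort_keys=True).encode()


def index_digest(index_bytes: bytes) -> str:
    """Digest of the index itself: this is what a tag resolves to on pull."""
    return "sha256:" + hashlib.sha256(index_bytes).hexdigest()


def digests_to_sign(index_bytes: bytes) -> list[str]:
    """Every digest a signing step must cover: the index plus each platform manifest."""
    index = json.loads(index_bytes)
    return [index_digest(index_bytes)] + [m["digest"] for m in index.get("manifests", [])]


def unsigned_digests(index_bytes: bytes, signed: set[str]) -> list[str]:
    """Digests from digests_to_sign() that have no signature in `signed`."""
    return [d for d in digests_to_sign(index_bytes) if d not in signed]


if __name__ == "__main__":
    raw = canonical_bytes(SAMPLE_INDEX)
    # Situation from the issue: only the per-platform manifests were signed.
    signed_per_platform = {m["digest"] for m in SAMPLE_INDEX["manifests"]}
    print("index digest:", index_digest(raw))
    print("still unsigned:", unsigned_digests(raw, signed_per_platform))
```

With only the two platform manifests in the signed set, the function reports exactly one unsigned digest, the index digest, which is the one a `cosign verify` against the tag (or an admission controller resolving the tag) looks up. Signing that digest as well closes the gap the issue asks about.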
